API

Use the Veil API to obfuscate images via a single endpoint.

OpenAPI

Download the OpenAPI 3.1 specification at /api/openapi.json.

Browse interactive docs at /api-reference.

Endpoint

POST /api/obfuscate

Content type: multipart/form-data

Parameters

image (required) — file upload. JPEG, PNG, GIF, BMP. Max 10MB.

cellCount (optional) — integer > 1 controlling shard density.

Response

If the Accept header starts with image/ (or */*), the API returns the obfuscated image bytes with a matching Content-Type.

Otherwise it returns JSON with a public URL and an expiry timestamp.

{
  "url": "https://your-host/scratch/filename.jpg",
  "expires": "2026-02-03T12:34:56+00:00"
}

Errors

400 Bad Request — missing image, invalid cellCount, or file too large.

405 Method Not Allowed — only POST is accepted.

415 Unsupported Media Type — only JPEG, PNG, GIF, BMP.

500 Internal Server Error — processing failure.

Rate Limits

Default: 20 requests per minute per IP.

Headers returned: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset.

When limited, the API responds with 429 and a Retry-After header.

Examples

Return JSON:

curl -X POST "https://your-host/api/obfuscate" \
  -F "image=@/path/to/photo.jpg" \
  -F "cellCount=120" \
  -H "Accept: application/json"

Return image bytes:

curl -X POST "https://your-host/api/obfuscate" \
  -F "image=@/path/to/photo.jpg" \
  -H "Accept: image/jpeg" \
  -o obfuscated.jpg